Topic: How does Nodes discovery really work?

smueller

Hi there,

we use Nedi 1.04 in several of our customer networks, and it works quite well (say you have clean cisco/hp networks, even with a 3com "network"). But now I've come across a strange problem: I've installed it in a network with about 15 hp, 2 cisco switches and a M$-ISA Server as (de)fault gateway... Device discovery works quite well, all LLDP neighbours were found and the cisco and ISA links were added manually. But Nedi discovers only 25 nodes from 400 in this network, and these are all connected to a default VLAN interface on one switch.

After looking a bit at the code and the debug output, I've guessed that Nedi only discovers nodes that are in some ARP tables, but as switches go, they mostly don't care about IPs and so their ARP tables are quite empty (only some admin PCs which connected to the switches directly). The MAC table of these switches contains all nodes, but Nedi does not care...

And even the ARP table on the ISA "server" does not contain all nodes, hence there are lots of nodes which aren't allowed to reach other networks except their own (don't surf, work!)...

Is that correct? Or have I made some errors (perhaps in the def file for ISA)?

Could you post some info on how Nedi assigns nodes to ports? I've broken my head about that, because you find the same MACs on different ports on different switches (e.g. uplink ports).

NeDi uses ARP tables only to get IPs; it uses bridge forwarding tables of the switches for port assignments (if the .def file is set correctly). More support for donations (you seem to use NeDi commercially after all)...
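A sketch of the join described in the reply above, added here as an example; it is not NeDi's own code and not part of any post. Port assignment comes from the switches' bridge forwarding tables, and the ARP table only contributes an IP where one is known. The sample tables, the `UPLINKS` set and the rule for ignoring uplink ports are assumptions made for illustration.

```python
from collections import defaultdict

# Constructed sample data (not from the thread): bridge forwarding tables per
# switch as {port: [MACs]}, the inter-switch ports, and one gateway ARP table.
FDB = {
    "sw-core": {"A1": ["00:11:22:00:00:01"],
                "A24": ["00:11:22:00:00:02", "00:11:22:00:00:03"]},
    "sw-edge": {"1": ["00:11:22:00:00:02"],
                "2": ["00:11:22:00:00:03"],
                "24": ["00:11:22:00:00:01"]},
}
UPLINKS = {("sw-core", "A24"), ("sw-edge", "24")}  # ports facing another switch
ARP = {"00:11:22:00:00:01": "10.0.0.11", "00:11:22:00:00:02": "10.0.0.12"}


def assign_nodes(fdb, uplinks, arp):
    """Return {mac: {"switch", "port", "ip"}} with exactly one location per MAC."""
    arp = {mac.lower(): ip for mac, ip in arp.items()}
    seen = defaultdict(list)
    for switch, ports in fdb.items():
        for port, macs in ports.items():
            for mac in macs:
                seen[mac.lower()].append((switch, port))

    nodes = {}
    for mac, locations in seen.items():
        # Assumption: a MAC learned on an inter-switch link is only in transit,
        # so the node lives where it is seen on a non-uplink port.
        access = [loc for loc in locations if loc not in uplinks]
        candidates = access or locations
        # Tie-break (assumption): the port with the fewest learned MACs is the
        # most likely edge port.
        switch, port = min(candidates, key=lambda loc: len(fdb[loc[0]][loc[1]]))
        # A node missing from every ARP table is still recorded, without an IP.
        nodes[mac] = {"switch": switch, "port": port, "ip": arp.get(mac)}
    return nodes


if __name__ == "__main__":
    for mac, info in sorted(assign_nodes(FDB, UPLINKS, ARP).items()):
        print(mac, info["switch"], info["port"], info["ip"] or "no ARP entry")
```

A node that appears in a forwarding table but in no ARP table is the inventory gap discussed in this thread: it has a switch port but no IP until some router or host resolves it.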

JamesC

I'm interested in this as well. Does Nedi only use arpwatch to get IP addresses? I checked the ARP table on the Nedi server and it lists several IP addresses, some of which Nedi has in its DB, and several where the MAC is there, but Nedi doesn't have the IP address.

Thanks

James

hgerber

Ok, if you know networking and Cisco devices you will understand how Nedi discovery works. Nedi's power is the fact that it relies on CDP (Cisco Discovery Protocol) and is a multicast address used between Cisco and HP ProCurve switches/routers.

Once Nedi gets hold of the default gateway, everything happens from there on. Meaning that if CDP is not enabled on any neighbouring device, Nedi won't discover the device. Once the device is discovered, it will then probe the ARP table to discover MAC addresses and IP information and serial links.

Depending on the switch MAC-table clear time, the amount of hosts can change. Nedi is more designed for auditing purposes than anything else.

JamesC

I understand about networking, but not so much about Cisco devices. I believe we have CDP turned on for our core switches, but we're still only getting a small handful of IPs.

I don't think that CDP is turned on for most of our Cisco devices; could that cause issues? The core switches have about a hundred nodes, which sounds about right for our data center. Also, we have several subnets; could this block IP resolution?